Which is why secure boot and remote attestation is needed so that the developer can trust that you are not using a non preapproved kernel module not are you using a virtual machine.

Remote attestation doesn't work if i have permission to modify memory. My kernel module wont even show as loaded...

If you can modify sytem memory its trivial to bypass any checks the anticheat has. To the point where you simply modify the anti cheat in memory to say 'sure i've done all those checks'.

Which is why you need secure boot to prove that there is no way to modify system memory.

I can have secure boot of virtualized hosts, and still modify system memory from either a kernel exploit or virtualised systems host. Cheaters absolutely would install crappy signed kernel modules to achieve this.